package com.example.securitytest;

import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.context.annotation.Bean;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.provisioning.InMemoryUserDetailsManager;

//security 沿着一条filter调用链执行，其中AuthManage.auth()是security的所有方法通用的，调用AuthManage.auth()即可获取用户的认证信息，相应也可修改，
// 调用链如下

/**
 * 0 = {WebAsyncManagerIntegrationFilter@9710}
 * 1 = {SecurityContextPersistenceFilter@9716}
 * 2 = {HeaderWriterFilter@9733}
 * 3 = {LogoutFilter@9734}
 * 4 = {UsernamePasswordAuthenticationFilter@9735}
 * 5 = {DefaultLoginPageGeneratingFilter@9736}
 * 6 = {BasicAuthenticationFilter@9737}
 * 7 = {RequestCacheAwareFilter@9738}
 * 8 = {SecurityContextHolderAwareRequestFilter@9739}
 * 9 = {AnonymousAuthenticationFilter@9740}
 * 10 = {SessionManagementFilter@9741}
 * 11 = {ExceptionTranslationFilter@9742}
 * 12 = {FilterSecurityInterceptor@9743}
 */
@SpringBootApplication
public class LaiqiandaoApplication {

    public static void main(String[] args) {
        SpringApplication.run(LaiqiandaoApplication.class, args);
    }

    @Bean
    public UserDetailsService userDetailsService() throws Exception {
        // ensure the passwords are encoded properly
        User.UserBuilder users = User.withDefaultPasswordEncoder();
        InMemoryUserDetailsManager manager = new InMemoryUserDetailsManager();
        manager.createUser(users.username("user").password("password").roles("USER").build());
        manager.createUser(users.username("admin").password("password").roles("USER","ADMIN").build());
        return manager;
    }
}
